#!/bin/sh

startstop=$1
if [ -z "$startstop" ]; then
	startstop="start"
fi

table="OUTPUT"
ipsrc=$(cat ./ip.txt)

case "$startstop" in
	start)
		for i in $ipsrc; do
			iptables -I ${table} -d $i -m comment --comment "ipfiltering" -j DROP
		done
	;;
	stop)
		ipdel=$(iptables -S ${table} |grep ipfiltering|sed -e 's/\ /\n/g'|grep \\-d -A 1 |grep \\.|cut -d/ -f1)
		for i in $ipdel; do
			iptables -D ${table} -d $i -m comment --comment "ipfiltering" -j DROP
		done
		
	;;
esac
